The Price Is Right, Security Imperfect

By Rob Pegoraro
Sunday, June 18, 2006

Depending on how you feel about Microsoft, its new Windows Live OneCare security service either amounts to a welcome helping hand or a particularly sleazy protection racket.

If you place yourself in the latter group -- if you think nothing justifies paying Microsoft to fix its own mistakes -- you might as well stop reading now. (But then you should rethink using Microsoft software at all if you trust the company that little; Linux isn't that hard, and a Mac isn't that expensive.)

If, however, you'll grant Microsoft the right to compete for the money you might otherwise spend on a security suite from Symantec, McAfee, Trend Micro or another vendor, OneCare deserves a look.

Like other all-in-one security packages, the $49.95-a-year, Windows XP-only OneCare aims to provide the software equivalent of an in-home cleaning service: You pay to have somebody show up and make the problems go away.

OneCare's cleaning crew consists of five programs: an anti-virus utility, a firewall to stop break-in attempts, the Windows Defender spyware remover (also available as a separate, free download), a system tune-up tool and a file-backup application.

Microsoft sells OneCare in stores but offers a 90-day free trial of the service, with no credit card required, from its Web site ( ). Downloaded copies of OneCare installed successfully on two computers, but the experience had its shaky moments.

First, this Web setup requires using Internet Explorer, then downloading and running an ActiveX program in that browser -- exactly the sort of insecure conduct you should avoid. The ActiveX download checks your system for conflicting software, but it doesn't always give useful advice. On an old ThinkPad laptop, it incorrectly referred to CA's eTrust Personal Firewall as "ZoneAlarm." (The eTrust firewall is based on Zone Labs' software, but how many non-IT types know that?)

After a restart, the only sign of OneCare in normal use was a small green blob at the bottom right of the screen, indicating that computer's security state was "good."

OneCare's anti-virus component is equally low-key, automatically updating its database every day but keeping out of sight until you download or try to open a virus. In some cases, it blocks virus downloads before they even start; in others, you may be able to land a virus on the hard drive, but OneCare still won't let it do anything.

Unless, that is, it doesn't know about a virus. Of three that arrived Friday, OneCare didn't catch any in a spot check ordered up via the "Scan for viruses . . ." command it adds to the Windows desktop's right-click menu. It recognized and stopped one of them after it was double-clicked -- but let the other two begin infecting the machine.

OneCare's firewall is about as simple to operate as the one built into Windows XP. But in addition to stopping unwanted break-in attempts from the Internet, it polices all online access by programs on your computer: Only programs that it recognizes as legitimate, plus others you specify, are allowed to connect to the Internet.

In practice, that added defense will probably help only if you already have spyware or a virus loose on your machine. The rest of the time, it can be a nuisance if the firewall keeps asking if programs X, Y and Z may connect to the Internet. OneCare's list of allowed software only partially minimizes that work; it omits such well-known programs as Corel's WordPerfect X3 suite, the Mozilla Thunderbird mail program and Google Pack's updater.

CONTINUED     1        >

© 2006 The Washington Post Company